Skip to content

Commit

Permalink
chore: standardize repo to template and update README.md (#20)
Browse files Browse the repository at this point in the history
* chore: standardize repo to template and update README.md

* Update README.md

Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>

* Update README.md

Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>

* Update README.md

Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>

* Update CONTRIBUTING.md

Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>

* Update contributing guidelines + renovate

* Update security.md

* remove values

* update commitlint

---------

Co-authored-by: Micah Nagel <micah.nagel@defenseunicorns.com>
  • Loading branch information
Racer159 and mjnagel authored Feb 14, 2024
1 parent d1cf997 commit 88a3d84
Show file tree
Hide file tree
Showing 13 changed files with 231 additions and 107 deletions.
1 change: 1 addition & 0 deletions .adr-dir
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
adr
27 changes: 27 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: 'possible-bug 🐛'
assignees: ''
---

### Environment
Device and OS:
App/package versions:
Kubernetes distro being used:
Other:

### Steps to reproduce
1.

### Expected result

### Actual Result

### Visual Proof (screenshots, videos, text, etc)

### Severity/Priority

### Additional Context
Add any other context or screenshots about the technical debt here.
22 changes: 22 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_request.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: 'enhancement ✨'
assignees: ''
---

### Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

### Describe the solution you'd like

- **Given** a state
- **When** an action is taken
- **Then** something happens

### Describe alternatives you've considered
(optional) A clear and concise description of any alternative solutions or features you've considered.

### Additional context
Add any other context or screenshots about the feature request here.
16 changes: 16 additions & 0 deletions .github/ISSUE_TEMPLATE/tech_debt.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
---
name: Tech debt
about: Record something that should be investigated or refactored in the future.
title: ''
labels: 'tech-debt 💳'
assignees: ''
---

### Describe what should be investigated or refactored
A clear and concise description of what should be changed/researched. Ex. This piece of the code is not DRY enough [...]

### Links to any relevant code
(optional) i.e. - https://github.com/defenseunicorns/uds-package-mattermost/blob/main/README.md?plain=1#L1

### Additional context
Add any other context or screenshots about the technical debt here.
20 changes: 20 additions & 0 deletions .github/pull_request_template.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
## Description

...

## Related Issue

Fixes #
<!-- or -->
Relates to #

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [ ] Test, docs, adr added or updated as needed
- [ ] [Contributor Guide Steps](https://github.com/defenseunicorns/uds-package-mattermost/blob/main/CONTRIBUTING.md#developer-workflow) followed
4 changes: 3 additions & 1 deletion .github/workflows/commitlint.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,9 @@ jobs:
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2

- name: Install commitlint
run: npm install --save-dev @commitlint/{config-conventional,cli}
run: |
npm install --save-dev @commitlint/config-conventional@18.6.0
npm install --save-dev @commitlint/cli@18.6.0
- name: Lint PR title
run: echo "${{ github.event.pull_request.title }}" | npx commitlint
50 changes: 50 additions & 0 deletions .github/workflows/scorecard.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
name: Scorecards supply-chain security
on:
# Only the default branch is supported.
branch_protection_rule:
schedule:
- cron: '30 1 * * 6'
push:
branches: [ "main" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
analysis:
name: Scorecards analysis
runs-on: ubuntu-latest
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Used to receive a badge.
id-token: write

steps:
- name: "Checkout code"
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
with:
results_file: results.sarif
results_format: sarif
repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
publish_results: true

# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4 # v3.22.12
with:
sarif_file: results.sarif
28 changes: 3 additions & 25 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -1,27 +1,5 @@
# Welcome to the Matter Operator UDS Capability
# Welcome to the Mattermost UDS Package

Thank you for your interest in this Defense Unicorns UDS Capability!
Thank you for your interest in this Defense Unicorns UDS Package!

This document describes the process and requirements for contributing to this UDS Capability.

## Developer Experience

Continuous Delivery is core to our development philosophy. Check out [https://minimumcd.org](https://minimumcd.org) for a good baseline agreement on what that means.

Specifically:

* We do trunk-based development (main) with short-lived feature branches that originate from the trunk, get merged into the trunk, and are deleted after the merge
* We don't merge code into main that isn't releasable
* We perform automated testing on all changes before they get merged to main
* Continuous integration (CI) pipeline tests are definitive
* We create immutable release artifacts

## Definition of Done

We apply these general principles to all User Stories and activities contributing to the UDS SWF.

* Automated continuous integration (CI) pipeline tests pass
* CI pipeline tests have been updated to meet system changes
* Changes are peer reviewed
* Acceptance criteria is met
* Documentation is updated to reflect what changed
This package is part of Defense Unicorns' UDS Software Factory and follows the contributing guidelines outlined in that repositories' [CONTRIBUTING.md](https://github.com/defenseunicorns/uds-software-factory/blob/main/CONTRIBUTING.md) file.
41 changes: 32 additions & 9 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,14 +1,12 @@
# UDS Mattermost Package

This repo contains a UDS Package for [Mattermost](https://mattermost.com/), along with an example bundle and UDS tasks for development.
[![Latest Release](https://img.shields.io/github/v/release/defenseunicorns/uds-package-mattermost)](https://github.com/defenseunicorns/uds-package-mattermost/releases)
[![Build Status](https://img.shields.io/github/actions/workflow/status/defenseunicorns/uds-package-mattermost/tag-and-release.yaml)](https://github.com/defenseunicorns/uds-package-mattermost/actions/workflows/tag-and-release.yaml)
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/uds-package-mattermost/badge)](https://api.securityscorecards.dev/projects/github.com/defenseunicorns/uds-package-mattermost)

## Flavors

Two flavors of this package are produced at this time:
- `upstream`: This flavor uses the upstream images (same ones deployed by the chart by default) and is intended for a quick and seamless development experience
- `registry1` (amd64 architecture only): This flavor uses hardened images from [Ironbank](https://p1.dso.mil/services/iron-bank) and is intended for production environments
This package is designed for use as part of a [UDS Software Factory](https://github.com/defenseunicorns/uds-software-factory) bundle deployed on [UDS Core](https://github.com/defenseunicorns/uds-core).

## Dependencies
## Prerequisites

Mattermost requires two dependencies, postgres and s3 compatible object storage. Wiring Mattermost to your dependencies is done primarily via helm values, which will require the use of a bundle created with uds-cli.

Expand Down Expand Up @@ -50,6 +48,31 @@ To use IRSA make sure to NOT set the two key variables and add the appropriate r
value: "arn:aws:iam::123456789:role/mattermost-role"
```

## Additional Config
## Flavors

| Flavor | Description | Example Creation |
| ------ | ----------- | ---------------- |
| upstream | Uses upstream images within the package. | `zarf package create . -f upstream` |
| registry1 | Uses images from registry1.dso.mil within the package. | `zarf package create . -f registry1` |

## Releases

The released packages can be found in [ghcr](https://github.com/defenseunicorns/uds-package-mattermost/pkgs/container/packages%2Fuds%2Fmattermost).

## UDS Tasks (for local dev and CI)

*For local dev, this requires installing [uds-cli](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install)

| Task | Description | Example |
| ---- | ----------- | ------- |
| setup-cluster | Uses the `k3d-core-istio` bundle to create a cluster for testing against | `uds run setup-cluster` |
| create-package | Creates just the Mattermost package | `uds run create-package --set FLAVOR=<flavor>` |
| create-test-bundle | Creates Mattermost and Mattermost dependency packages and then bundles them | `uds run create-test-bundle` |
| deploy-package | Deploy Mattermost package only | `uds run deploy-package` |
| deploy-test-bundle | Deploy Mattermost and Mattermost dependency bundle | `uds run deploy-test-bundle` |
| test-package | Run checks against a deployed package or bundle | `uds run test-package` |
| cleanup | Teardown the cluster | `uds run cleanup` |

## Contributing

Additional configuration can be done via overrides to configure a number of Mattermost properties like SSO. Check the full list of values in the config chart [here](./chart/values.yaml). If you find that you need something else exposed please open an issue!
Please see the [CONTRIBUTING.md](./CONTRIBUTING.md)
9 changes: 9 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# Security Policy

## Supported Versions

As [UDS Software Factory](https://github.com/defenseunicorns/uds-software-factory) has not yet reached v1.0.0, only the current latest minor release is supported.

## Reporting a Vulnerability

Please email `security-notice [at] defenseunicorns.com` to report a vulnerability. If you are unable to disclose details via email, please let us know and we can coordinate alternate communications.
23 changes: 23 additions & 0 deletions adr/0001-record-architecture-decisions.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# 1. Record architecture decisions

Date: 2024-02-04

## Status

Accepted

## Context

> NOTE:
>
> This file was automatically created when we used [adr-tools](https://github.com/npryce/adr-tools) to initialize the document log in the repo. ADRs on ADRs are a little silly, but it does give a lightweight way to direct the reader over to our contributor guide that has a lot more information.
We need to record the architectural decisions made on this project.

## Decision

We will use Architecture Decision Records, as [described by Michael Nygard](http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions), with a couple of small tweaks. See the [Documentation section in the Contributor guide](../CONTRIBUTING.md#documentation) for full details.

## Consequences

See Michael Nygard's article, linked above. For a lightweight ADR toolset, see Nat Pryce's [adr-tools](https://github.com/npryce/adr-tools).
19 changes: 19 additions & 0 deletions adr/template.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# NUMBER. TITLE

Date: DATE

## Status

STATUS

## Context

The issue motivating this decision, and any context that influences or constrains the decision.

## Decision

The change that we're proposing or have agreed to implement.

## Consequences

What becomes easier or more difficult to do and any risks introduced by the change that will need to be mitigated.
78 changes: 6 additions & 72 deletions renovate.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,69 +3,12 @@
"forkProcessing": "enabled",
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
":dependencyDashboard",
":semanticCommits",
":semanticCommitTypeAll(chore)",
"group:all"
],
"branchConcurrentLimit": 0,
"prConcurrentLimit": 0,
"prHourlyLimit": 0,
"rebaseStalePrs": true,
"dependencyDashboard": true,
"dependencyDashboardTitle": "Renovate Dashboard 🤖",
"rebaseWhen": "conflicted",
"commitBodyTable": true,
"suppressNotifications": ["prIgnoreNotification"],
"pre-commit": {
"enabled": true
},
"helm-values": {
"fileMatch": ["./.+\\.yaml$"]
},
"regexManagers": [
{
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"- name: (?<depName>.*?)\n *url: (?<registryUrl>.*?)\n *version: (?<currentValue>.*)\n",
"- name: (?<depName>.*?)\n *version: (?<currentValue>.*)\n *url: (?<registryUrl>.*?)\n",
"- name: (?<depName>.*?)\n *namespace: .*\n *url: (?<registryUrl>.*?)\n *version: (?<currentValue>.*)\n",
"- name: (?<depName>.*?)\n *namespace: .*\n *version: (?<currentValue>.*)\n *url: (?<registryUrl>.*?)\n"
],
"datasourceTemplate": "helm"
},
{
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"- [\"]?(?<depName>[^\"\n]*):(?<currentValue>[^\"\n]*)[\"]?"
],
"datasourceTemplate": "docker"
},
{
"depNameTemplate": "defenseunicorns/uds-cli",
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"# renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=(?<versioning>[^\n]+)\n.*?uds@(?<currentValue>.*)"
],
"datasourceTemplate": "github-tags",
"extractVersionTemplate": "^v(?<version>.*)$"
},
{
"depNameTemplate": "defenseunicorns/zarf",
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"# renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=(?<versioning>.*?)\n.*?(version:) (?<currentValue>.*)"
],
"datasourceTemplate": "github-tags"
},
{
"depNameTemplate": "defenseunicorns/uds-common-tasks",
"fileMatch": ["\\.*\\.ya?ml$"],
"matchStrings": [
"https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/(?<currentValue>[^/]+)/.*"
],
"datasourceTemplate": "github-tags"
}
"github>defenseunicorns/uds-common//config/renovate.json5",
":semanticPrefixFixDepsChoreOthers",
"config:base",
"group:all",
"replacements:all",
"workarounds:all"
],
"hostRules": [
{
Expand All @@ -77,14 +20,5 @@
"password": "wcFMA/xDdHCJBTolAQ/6A4VHieAREvIZ35w9tpdLuvCysq3951xcwBD+o5A6QNYz9K5J0X4NDp2NF5FwEeEBgh3CGF7t/jXHdvvFUSo1wnTT0N+XoU4fXta1px9rkZssPWaMmqbmQ+KWXrEo7SMYK4nXBdExtIZ/j8XvjvTZ1apAh+ySW41eAKXbeQC+5I2rjDJegH6hI7kGkQDzmSAoaDX/Nw8seccozzOj9GEGxPbtF1UYJIfG0jZObf0GowXXCtCOEd5QcQQnzILIaiN0tgZgXrQKFehMTboi8rgYLtRI3LIObUjxl7O59q7ZBCkUuyt9nYF14i9PD8IltVdPsTrGpyK/yQMFrjHWkIPGFHZC9dLyjQlhTjMFBYdye9KGfoZHnKR5pXZw7JvCho/PaP3S8y4LXPJa7YHty0wEcP1eWT0b1hapHnsyDEJ22xyCz0hVFeUnXRPj3zSqBzn4+wVPZmxcCwuLNmu28JJ76SNYAf/4hTjlc2+8WasB/C8rNA+ASf+C6SsMMp677JffWXJtfJHgtPGV+gTCBITG7D8pkCVyIdoiGDv503QDiw59YdocEHkIaRw6EzSZ5XFEHz0mbnTZ7HgRYPklsQzVvetEOmctFdZgYZZ1hjVOkWIjiuSR+hDc3IT/TdXEohZxizAZAEmmsli0Q70m2EWJo1tUqxS9soQGKGQc/crIdpHSdgFfBI3gyKZP4ehv1WzYqrWlg1syDgbNllgEJIIBxv+ZI+QMJUF8SdtleMkxE6PYvc1bzpj6nTrM1oahiK8BUKS+cTpXQr1+LneL1mQ/4rSqNQO5ooBweej3Ql0cDNzjahfYc/1AwctQOdjZRpmGUs+RaMezgF8"
}
}
],
"packageRules": [
{
"matchFileNames": [".github/**"],
"excludePackageNames": ["defenseunicorns/zarf","defenseunicorns/uds-cli"],
"groupName": "githubactions",
"commitMessageTopic": "githubactions",
"pinDigests": true
}
]
}

0 comments on commit 88a3d84

Please sign in to comment.